msgpackr is a fast MessagePack NodeJS/JavaScript implementation. Prior to 1.10.1, when decoding user supplied MessagePack messages, users can trigger stuck threads by crafting messages that keep the decoder stuck in a loop. The fix is available in v1.10.1. Exploits seem to require structured...
6.8CVSS
6.4AI Score
0.0004EPSS
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype...
9.8CVSS
9.4AI Score
0.005EPSS